<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/poky.git/meta/lib/oe/gpg_sign.py, branch genericarm64</title>
<subtitle>Mirror of git.yoctoproject.org/poky</subtitle>
<id>https://git.enea.com/cgit/linux/poky.git/atom?h=genericarm64</id>
<link rel='self' href='https://git.enea.com/cgit/linux/poky.git/atom?h=genericarm64'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/'/>
<updated>2023-03-31T22:30:36+00:00</updated>
<entry>
<title>lib/oe/gpg_sign.py: Avoid race when creating .sig files in detach_sign</title>
<updated>2023-03-31T22:30:36+00:00</updated>
<author>
<name>Tobias Hagelborn</name>
<email>tobias.hagelborn@axis.com</email>
</author>
<published>2023-03-30T15:38:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=5a34ddf76ddc75d98e7f3a29fb35bb8a8b0d624b'/>
<id>urn:sha1:5a34ddf76ddc75d98e7f3a29fb35bb8a8b0d624b</id>
<content type='text'>
Move the signature file into place only after it is successfully signed.
This to avoid race and corrupted .sig files in cases multiple onging
builds write to a shared sstate-cache dir.

(From OE-Core rev: b4ec08ea9efebac262d43f47d95a356fe2829de9)

Signed-off-by: Tobias Hagelborn &lt;tobiasha@axis.com&gt;
Signed-off-by: Peter Kjellerstedt &lt;peter.kjellerstedt@axis.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>lib: Add copyright statements to files without one</title>
<updated>2022-08-12T11:00:43+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2022-08-10T19:40:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=ce08cf4825f0e4e42509794a2dcd53a3ea5126e4'/>
<id>urn:sha1:ce08cf4825f0e4e42509794a2dcd53a3ea5126e4</id>
<content type='text'>
Where there isn't a copyright statement, add one to make it explicit.
Also add license identifiers as MIT if there isn't one.

(From OE-Core rev: bb731d1f3d2a1d50ec0aed864dbca54cf795b040)

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>gpg-sign: Add parameters to gpg signature function</title>
<updated>2022-04-05T21:25:13+00:00</updated>
<author>
<name>Xavier Berger</name>
<email>xavier.berger@bio-logic.net</email>
</author>
<published>2022-04-03T19:50:44+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=bd8f1f7787b7017b29ecea5b18a164a39de09e27'/>
<id>urn:sha1:bd8f1f7787b7017b29ecea5b18a164a39de09e27</id>
<content type='text'>
output_suffix: If defined, add output_suffix as file name extension.
use_sha256: If True, use sha256 for gpg as digest algorithm

(From OE-Core rev: cfcaa54dc73925df448099fb60f75b18350b2a3b)

Signed-off-by: Xavier Berger &lt;xavier.berger@bio-logic.net&gt;
Signed-off-by: Ferry Toth &lt;ftoth@exalondelft.nl&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>sstate: Allow validation of sstate singatures against list of keys</title>
<updated>2021-10-14T21:52:31+00:00</updated>
<author>
<name>Daniel McGregor</name>
<email>daniel.mcgregor@vecima.com</email>
</author>
<published>2021-10-13T04:04:56+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=652fdf8719ba5cf2c486bf3d19904b5140dbd0d1'/>
<id>urn:sha1:652fdf8719ba5cf2c486bf3d19904b5140dbd0d1</id>
<content type='text'>
Allow a user to validate sstate objects against a list of keys, instead
of just any known key in the user's keychain.

(From OE-Core rev: 52ba0c5e6e2e3d5d01dc3f01404f0ab1bb29b3b5)

Signed-off-by: Daniel McGregor &lt;daniel.mcgregor@vecima.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>lib/oe/gpg_sign.py: Fix gpg verification</title>
<updated>2021-05-21T14:18:23+00:00</updated>
<author>
<name>Daniel McGregor</name>
<email>daniel.mcgregor@vecima.com</email>
</author>
<published>2021-05-18T22:09:29+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=0dad484097a29934d6cff6145164a8a60a81c338'/>
<id>urn:sha1:0dad484097a29934d6cff6145164a8a60a81c338</id>
<content type='text'>
A stray space made it into the command for verifying gpg signatures.
This caused verification to fail, at least on my host. Removing the
space makes it work as expected.

(From OE-Core rev: af1d948822cbe6ac7ede9cb4e881db8dc780e308)

Signed-off-by: Daniel McGregor &lt;daniel.mcgregor@vecima.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>lib/oe/gpg_sign.py: Remove unwanted import</title>
<updated>2019-09-06T13:58:09+00:00</updated>
<author>
<name>Vijai Kumar K</name>
<email>Vijaikumar_Kanagarajan@mentor.com</email>
</author>
<published>2019-09-04T10:01:42+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=550d3541ae7e34fa80fc91e620ffa83c25ff506b'/>
<id>urn:sha1:550d3541ae7e34fa80fc91e620ffa83c25ff506b</id>
<content type='text'>
Remove unwanted import of oe.utils.

(From OE-Core rev: 42e9de68384fb24d5c9a5f161810be90c45942d2)

Signed-off-by: Vijai Kumar K &lt;Vijaikumar_Kanagarajan@mentor.com&gt;
Signed-off-by: Ross Burton &lt;ross.burton@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>classes/lib: Remove bb.build.FuncFailed</title>
<updated>2019-08-06T10:24:26+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2019-07-31T14:59:59+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=546c32753b2f0c2174c360ba83a7d2f7ffbb33f7'/>
<id>urn:sha1:546c32753b2f0c2174c360ba83a7d2f7ffbb33f7</id>
<content type='text'>
Whilst seemingly a good idea, this exception doesn't really serve any purpose
that bb.fatal() doesn't cover. Wrapping exceptions within exceptions isn't
pythonic.

Its not used in many places, lets clean up those and remove usage of it
entirely. It may ultimately be dropped form bitbake entirely.

(From OE-Core rev: efe87ce4b2154c6f1c591ed9d8f770c229b044ad)

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>gpg_sign/selftest: Fix secmem parameter handling</title>
<updated>2019-06-07T08:11:49+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2019-06-06T18:33:02+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=1334b064d3f04a976a42fe9dad64831b33d93755'/>
<id>urn:sha1:1334b064d3f04a976a42fe9dad64831b33d93755</id>
<content type='text'>
We keep seeing "cannot allocate memory" errors from rpm when signing packages
on the autobuilder. The following were tried:

* checking locked memory use (isn't hitting limits)
* Restricting RPM_GPG_SIGN_CHUNK to 1
* Limiting to 10 parallel do_package_write_rpm tasks
* Allowing unlimied memory overcommit
* Disabling rpm parallel compression

and the test still failed. Further invetigation showed that the --auto-expand-secmem
wasn't being passed to gpg-agent which meant the secmem couldn't be expanded hence the
errors when there was pressure on the agent.

The reason this happens is that some of the early gpg commands can start the agent
without the option and it sticks around in memory so a version with the correct
option may or may not get started.

We therefore add the option to all the key gpg calls.

(From OE-Core rev: c7e131a76e522503df55e211dd261829feacfa28)

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>meta/lib+scripts: Convert to SPDX license headers</title>
<updated>2019-05-09T15:31:55+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2019-05-08T17:22:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=ffae400179fd0b64f8882cf79d78e1c0f2d74bee'/>
<id>urn:sha1:ffae400179fd0b64f8882cf79d78e1c0f2d74bee</id>
<content type='text'>
This adds SPDX license headers in place of the wide assortment of things
currently in our script headers. We default to GPL-2.0-only except for the
oeqa code where it was clearly submitted and marked as MIT on the most part
or some scripts which had the "or later" GPL versioning.

The patch also drops other obsolete bits of file headers where they were
encoountered such as editor modelines, obsolete maintainer information or
the phrase "All rights reserved" which is now obsolete and not required in
copyright headers (in this case its actually confusing for licensing as all
rights were not reserved).

More work is needed for OE-Core but this takes care of the bulk of the scripts
and meta/lib directories.

The top level LICENSE files are tweaked to match the new structure and the
SPDX naming.

(From OE-Core rev: f8c9c511b5f1b7dbd45b77f345cb6c048ae6763e)

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>lib/oe/gpg_sign.py: Clean up getstatusoutput usage</title>
<updated>2018-08-23T17:02:23+00:00</updated>
<author>
<name>Robert Yang</name>
<email>liezhi.yang@windriver.com</email>
</author>
<published>2018-08-23T08:07:24+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=7cb2ece8b59658168cb35b78447fa5a7085470c2'/>
<id>urn:sha1:7cb2ece8b59658168cb35b78447fa5a7085470c2</id>
<content type='text'>
Replace usage of oe.utils.getstatusoutput() with direct subprocess calls.

(From OE-Core rev: 90c730a898f11adb2ecd377cdd913af83123bcb7)

Signed-off-by: Robert Yang &lt;liezhi.yang@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
</feed>
